diff --git a/.github/workflows/auto-update-otel-sdk.yml b/.github/workflows/auto-update-otel-sdk.yml index 74631bc1bdbd..610e4458977f 100644 --- a/.github/workflows/auto-update-otel-sdk.yml +++ b/.github/workflows/auto-update-otel-sdk.yml @@ -84,7 +84,7 @@ jobs: - name: Use CLA approved bot run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0 + - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} diff --git a/.github/workflows/auto-update-pull-request.yml b/.github/workflows/auto-update-pull-request.yml index feafec351f22..a72c15e11b72 100644 --- a/.github/workflows/auto-update-pull-request.yml +++ b/.github/workflows/auto-update-pull-request.yml @@ -33,7 +33,7 @@ jobs: echo "exists=true" >> $GITHUB_OUTPUT fi - - uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0 + - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 if: steps.unzip-patch.outputs.exists == 'true' id: otelbot-token with: diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 0a1b7656293a..5e661d42c877 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -29,7 +29,7 @@ jobs: - name: Use CLA approved bot run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0 + - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f1e073c7a69b..e2980bf3cf5f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -63,7 +63,7 @@ jobs: cache-read-only: ${{ github.event_name == 'pull_request' }} - name: Initialize CodeQL - uses: github/codeql-action/init@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.8 + uses: github/codeql-action/init@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10 with: languages: ${{ matrix.language }} # using "latest" helps to keep up with the latest Kotlin support @@ -79,6 +79,6 @@ jobs: run: ./gradlew assemble -x javadoc -x :instrumentation:quarkus-resteasy-reactive:quarkus3-testing:quarkusGenerateCodeDev -x :instrumentation:quarkus-resteasy-reactive:quarkus2-testing:quarkusGenerateCodeDev --no-build-cache --no-daemon - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.8 + uses: github/codeql-action/analyze@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/metadata-update.yml b/.github/workflows/metadata-update.yml index d2442fd57ab2..00f28c85f5c7 100644 --- a/.github/workflows/metadata-update.yml +++ b/.github/workflows/metadata-update.yml @@ -55,7 +55,7 @@ jobs: if: steps.diffcheck.outputs.has_diff == 'true' run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0 + - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 if: steps.diffcheck.outputs.has_diff == 'true' id: otelbot-token with: diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 0655cca26c9c..cb832d53eddc 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -42,6 +42,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.8 + uses: github/codeql-action/upload-sarif@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10 with: sarif_file: results.sarif diff --git a/.github/workflows/prepare-patch-release.yml b/.github/workflows/prepare-patch-release.yml index 1eeeae8d5196..1fb62fd6fba6 100644 --- a/.github/workflows/prepare-patch-release.yml +++ b/.github/workflows/prepare-patch-release.yml @@ -51,7 +51,7 @@ jobs: - name: Use CLA approved bot run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0 + - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} diff --git a/.github/workflows/prepare-release-branch.yml b/.github/workflows/prepare-release-branch.yml index 8ab972611b53..e7afaeb036e9 100644 --- a/.github/workflows/prepare-release-branch.yml +++ b/.github/workflows/prepare-release-branch.yml @@ -63,7 +63,7 @@ jobs: - name: Use CLA approved bot run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0 + - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} @@ -120,7 +120,7 @@ jobs: - name: Use CLA approved bot run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0 + - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} diff --git a/.github/workflows/release-update-cloudfoundry-index.yml b/.github/workflows/release-update-cloudfoundry-index.yml index 5e58ec9a5bdf..e4e7ff33176e 100644 --- a/.github/workflows/release-update-cloudfoundry-index.yml +++ b/.github/workflows/release-update-cloudfoundry-index.yml @@ -44,7 +44,7 @@ jobs: - name: display changes run: git diff - - uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0 + - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dedeb5b8532e..6a2005ad153d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -244,7 +244,7 @@ jobs: - name: Use CLA approved bot run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0 + - uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} diff --git a/benchmark-overhead/Dockerfile.petclinic b/benchmark-overhead/Dockerfile.petclinic index 8cc71ceaee6a..3e3e1c7a59d5 100644 --- a/benchmark-overhead/Dockerfile.petclinic +++ b/benchmark-overhead/Dockerfile.petclinic @@ -1,4 +1,4 @@ -FROM eclipse-temurin:11.0.28_6-jdk@sha256:63060204d77c7b003f3e1bdac280dd905c9c33a8280bc32309d4e641ede5d39e as app-build +FROM eclipse-temurin:11.0.28_6-jdk@sha256:7f02272d7ffd500c00783b66dc4be17694228a24a61deca8f48d3a8f7ecae42b as app-build # This is the base image that will contain a built version of the spring-petclinic-rest # application. Installing the dependencies and maven compiling the application is time diff --git a/smoke-tests/images/early-jdk8/Dockerfile b/smoke-tests/images/early-jdk8/Dockerfile index 969664549afa..cb407a56140c 100644 --- a/smoke-tests/images/early-jdk8/Dockerfile +++ b/smoke-tests/images/early-jdk8/Dockerfile @@ -1,5 +1,5 @@ # https://github.com/zulu-openjdk/zulu-openjdk/blob/master/ubuntu/8u412-8.78/Dockerfile -FROM ubuntu:noble-20250714@sha256:a08e551cb33850e4740772b38217fc1796a66da2506d312abe51acda354ff061 +FROM ubuntu:noble-20250716@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' diff --git a/smoke-tests/images/fake-backend/src/docker/backend/windows.dockerfile b/smoke-tests/images/fake-backend/src/docker/backend/windows.dockerfile index 97e7dc7b7fde..a26a6bf07e6f 100644 --- a/smoke-tests/images/fake-backend/src/docker/backend/windows.dockerfile +++ b/smoke-tests/images/fake-backend/src/docker/backend/windows.dockerfile @@ -1,3 +1,3 @@ -FROM eclipse-temurin:21.0.8_9-jdk-windowsservercore-ltsc2022@sha256:87e4af970a21c3a1eb37b39c42621308f71e16cf95bbfbc8e66ad77d6582b1a3 +FROM eclipse-temurin:21.0.8_9-jdk-windowsservercore-ltsc2022@sha256:4c08cf81232e0278ca08cb6a267e94c06dbe4f4d705967f7f4bce9c62b4f60c9 COPY fake-backend.jar /fake-backend.jar CMD ["java", "-jar", "/fake-backend.jar"] diff --git a/smoke-tests/images/servlet/src/jetty.windows.dockerfile b/smoke-tests/images/servlet/src/jetty.windows.dockerfile index 307baf799329..cb4b92440d81 100644 --- a/smoke-tests/images/servlet/src/jetty.windows.dockerfile +++ b/smoke-tests/images/servlet/src/jetty.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3281482945016cdaefbe417edd8338de8119e077b6941f74e78b050da1b7bd97 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:d9e1a220c13cf25c7b213fbd96df2b63671e2dba0de3909003d4bb23a8bc8a1c as builder ARG sourceVersion ADD https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-home/${sourceVersion}/jetty-home-${sourceVersion}.zip /server.zip diff --git a/smoke-tests/images/servlet/src/liberty.windows.dockerfile b/smoke-tests/images/servlet/src/liberty.windows.dockerfile index 00a3b9d2984a..ccaa3e31ba47 100644 --- a/smoke-tests/images/servlet/src/liberty.windows.dockerfile +++ b/smoke-tests/images/servlet/src/liberty.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3281482945016cdaefbe417edd8338de8119e077b6941f74e78b050da1b7bd97 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:d9e1a220c13cf25c7b213fbd96df2b63671e2dba0de3909003d4bb23a8bc8a1c as builder ARG version ARG release diff --git a/smoke-tests/images/servlet/src/payara.windows.dockerfile b/smoke-tests/images/servlet/src/payara.windows.dockerfile index 3e3123a902f2..c9e2ad9cff33 100644 --- a/smoke-tests/images/servlet/src/payara.windows.dockerfile +++ b/smoke-tests/images/servlet/src/payara.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3281482945016cdaefbe417edd8338de8119e077b6941f74e78b050da1b7bd97 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:d9e1a220c13cf25c7b213fbd96df2b63671e2dba0de3909003d4bb23a8bc8a1c as builder ARG version ADD https://nexus.payara.fish/repository/payara-community/fish/payara/distributions/payara/${version}/payara-${version}.zip /server.zip diff --git a/smoke-tests/images/servlet/src/tomcat.windows.dockerfile b/smoke-tests/images/servlet/src/tomcat.windows.dockerfile index 638aff3183b5..97bbfca1cf93 100644 --- a/smoke-tests/images/servlet/src/tomcat.windows.dockerfile +++ b/smoke-tests/images/servlet/src/tomcat.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3281482945016cdaefbe417edd8338de8119e077b6941f74e78b050da1b7bd97 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:d9e1a220c13cf25c7b213fbd96df2b63671e2dba0de3909003d4bb23a8bc8a1c as builder ARG majorVersion ARG version diff --git a/smoke-tests/images/servlet/src/tomee.windows.dockerfile b/smoke-tests/images/servlet/src/tomee.windows.dockerfile index 388ef3cbcc78..83ba30752c87 100644 --- a/smoke-tests/images/servlet/src/tomee.windows.dockerfile +++ b/smoke-tests/images/servlet/src/tomee.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3281482945016cdaefbe417edd8338de8119e077b6941f74e78b050da1b7bd97 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:d9e1a220c13cf25c7b213fbd96df2b63671e2dba0de3909003d4bb23a8bc8a1c as builder ARG version ADD https://archive.apache.org/dist/tomee/tomee-${version}/apache-tomee-${version}-webprofile.zip /server.zip diff --git a/smoke-tests/images/servlet/src/wildfly.windows.dockerfile b/smoke-tests/images/servlet/src/wildfly.windows.dockerfile index 53427c947ee6..1757684baf75 100644 --- a/smoke-tests/images/servlet/src/wildfly.windows.dockerfile +++ b/smoke-tests/images/servlet/src/wildfly.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3281482945016cdaefbe417edd8338de8119e077b6941f74e78b050da1b7bd97 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:d9e1a220c13cf25c7b213fbd96df2b63671e2dba0de3909003d4bb23a8bc8a1c as builder ARG version ARG baseDownloadUrl